The document describes several large DDoS attacks that have occurred:
1. In 2018, GitHub was hit with a record-breaking 1.35 terabits per second DDoS attack traced to over a thousand systems.
2. In 2012, six major U.S. banks including Bank of America and JP Morgan Chase were targeted by DDoS attacks generating over 60 gigabits of traffic per second using hijacked servers.
3. In 2013, the anti-spam organization Spamhaus was targeted by a 300 gigabits per second DDoS attack using reflection, the largest at the time.
On Feb. 28, 2018, GitHub – a popular developer platform – was hit with a sudden onslaught of traffic that clocked in at 1.35 terabits per second. If that sounds like a lot, that’s because it is – that amount of traffic is not only massive, it’s record-breaking. According to GitHub, the traffic was traced back to “over a thousand different autonomous systems (ASNs) across tens of thousands of unique endpoints.”
2. U.S. Banks: 60 Gbps
In 2012, not one, not two, but a whopping six U.S. banks were targeted by a string of DDoS attacks. The victims were no small-town banks either. They included Bank of America, JP Morgan Chase, U.S. Bancorp, Citigroup and PNC Bank. The attack was carried out by hundreds of hijacked servers, which each created peak floods of more than 60 gigabits of traffic per second. At the time, these attacks were unique in their persistence: rather than trying to execute one attack and then backing down, the perpetrator(s) barraged their targets with a multitude of methods in order to find one that worked. So, even if a bank was equipped to deal with a few types of DDoS attacks, it was helpless against other types.
3. Spamhaus: 300 Gbps
In 2013, a DDoS attack was launched against Spamhaus, a non-profit threat intelligence provider. Although Spamhaus, as an anti-spam organization, was and is regularly threatened and attacked, this DDoS attack was large enough to knock their website offline, as well as part of their email services. Like the 2014 attack on CloudFlare described below, this attack utilized reflection to overload Spamhaus’ servers with 300 gigabits of traffic per second. The attack was traced to a member of a Dutch company named Cyberbunker, who seemingly targeted Spamhaus after it blacklisted Cyberbunker.
4. Occupy Central, Hong Kong: 500 Gbps
The PopVote DDoS Attack was carried out in 2014 and targeted the Hong Kong-based grassroots movement known as Occupy Central. The movement was campaigning for a more democratic voting system. In response to their activities, attacker(s) sent large amounts of traffic to three of Occupy Central’s web hosting services, as well as two independent sites, PopVote, an online mock election site, and Apple Daily, a news site, neither of which were owned by Occupy Central but openly supported its cause. Presumably, those responsible were reacting to Occupy Central’s pro-democracy message. The attack barraged servers with packets disguised as legitimate traffic, and was executed with not one, not two, but five botnets. This resulted in peak traffic levels of 500 gigabits per second.
5. CloudFlare: 400 Gbps
In 2014, security provider and content delivery network CloudFlare was slammed by approximately 400 gigabits per second of traffic. The attack was directed at a single CloudFlare customer, targeted servers in Europe, and was launched with the help of a vulnerability in the Network Time Protocol (NTP), a networking protocol for computer clock synchronization. Although it was aimed at just one of CloudFlare’s customers, it was so powerful that it affected CloudFlare’s own network. This attack illustrated a technique in which attackers use spoofed source addresses so that mass amounts of NTP servers’ responses are sent to the victim. This is known as “reflection,” since the attacker is able to mirror and amplify traffic. Shortly after the attack, the U.S. Computer Emergency Readiness Team explained that NTP amplification attacks are “especially difficult to block” because “responses are legitimate data coming from valid servers.”
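The reflected responses come from valid NTP servers, but the victim never asked for them, and a defender can detect that. The following added example (not part of the original article) matches inbound NTP replies against the host's own outbound queries and reports the rest; the flow-record layout, the function name, the IP addresses and the one-reply-per-query rule are assumptions made for illustration.

```python
from collections import defaultdict

NTP_PORT = 123

# Constructed flow records as seen at the victim's network edge (not real traffic):
# (timestamp_s, src_ip, src_port, dst_ip, dst_port, udp_payload_bytes)
SAMPLE_FLOWS = [
    (0.00, "198.51.100.10", 40001, "192.0.2.1", 123, 48),   # host's own query
    (0.05, "192.0.2.1", 123, "198.51.100.10", 40001, 48),   # the solicited reply
    (1.00, "203.0.113.5", 123, "198.51.100.10", 80, 440),   # never queried
    (1.00, "203.0.113.6", 123, "198.51.100.10", 80, 440),   # never queried
    (1.10, "203.0.113.5", 123, "198.51.100.10", 80, 440),   # never queried
    (1.20, "192.0.2.1", 123, "198.51.100.10", 40001, 440),  # extra reply, no new query
]

def find_unsolicited_ntp(flows, local_ips, window_s=5.0):
    """Report inbound NTP responses that no local host asked for.

    Returns {local_ip: {"packets": int, "bytes": int, "reflectors": set}}.
    Assumption: a normal client receives one reply per query within window_s.
    """
    pending = {}  # (local_ip, local_port, server_ip) -> time the query was sent
    report = defaultdict(lambda: {"packets": 0, "bytes": 0, "reflectors": set()})
    for ts, src, sport, dst, dport, size in sorted(flows):
        if src in local_ips and dport == NTP_PORT:
            # Outbound query: remember it so the matching reply is accepted.
            pending[(src, sport, dst)] = ts
        elif dst in local_ips and sport == NTP_PORT:
            key = (dst, dport, src)
            asked = pending.get(key)
            if asked is not None and ts - asked <= window_s:
                del pending[key]  # the reply consumes the query
                continue
            # A response with no matching query: reflected traffic candidate.
            entry = report[dst]
            entry["packets"] += 1
            entry["bytes"] += size
            entry["reflectors"].add(src)
    return dict(report)

if __name__ == "__main__":
    for victim, stats in find_unsolicited_ntp(SAMPLE_FLOWS, {"198.51.100.10"}).items():
        print(victim, stats["packets"], "pkts", stats["bytes"], "bytes",
              "from", sorted(stats["reflectors"]))
```

A check like this only identifies the traffic; at the volumes described above the flood still has to be dropped upstream of the victim's link.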